
200-201 Security Concepts • Complete Question Bank

200-201 Security Concepts — All Questions With Answers

Complete 200-201 Security Concepts question bank — all 0 questions with answers and detailed explanations.

99 Questions
Question 1 (easy, multiple choice)

Which element of the CIA triad is primarily concerned with preventing unauthorized access to data?

Question 2 (easy, multiple choice)

A security analyst discovers that a malicious actor is using a technique to gather information about employees by searching social media sites. Which type of attack is being performed?

Question 3 (easy, multiple choice)

Which of the following best describes a vulnerability?

Question 4 (medium, multiple choice)

An organization experiences a ransomware attack where files are encrypted and a ransom is demanded. Which element of the CIA triad is most directly impacted?

Question 5 (medium, multiple choice)

A security analyst is examining a log file and notices that the hash value of a configuration file does not match the expected value. Which security goal has been violated?

Question 6 (medium, multiple choice)

Which of the following is an example of a symmetric encryption algorithm?

Question 7 (medium, multiple choice)

A user receives an email that appears to be from their bank, asking them to click a link and verify their account details. The email contains a sense of urgency. Which type of attack is this?

Question 8 (medium, multiple choice)

An attacker intercepts communication between two parties and modifies the data before forwarding it. Which type of attack is this?

Question 9 (medium, multiple choice)

Which compliance framework specifically addresses the protection of cardholder data?

Question 10 (hard, multiple choice)

A security analyst needs to ensure that a message has not been tampered with during transit and that the sender cannot deny sending it. Which cryptographic method should be used?

Question 11 (hard, multiple choice)

During a security audit, it is discovered that an organization’s network is vulnerable to ARP spoofing attacks. Which type of attack could result from exploiting this vulnerability?

Question 12 (hard, multiple choice)

An organization wants to implement a security framework that includes functions such as Identify, Protect, Detect, Respond, and Recover. Which framework aligns with this structure?

Question 13 (medium, multi select)

A security analyst is investigating a potential data breach. Which two actions are examples of passive reconnaissance? (Choose two.)

Question 14 (hard, multi select)

An organization is implementing a security policy to protect sensitive data. Which three are considered compliance frameworks that could guide this effort? (Choose three.)

Question 15 (medium, multi select)

A security team is analyzing a malware infection. Which two characteristics are typical of a worm? (Choose two.)

Question 16 (easy, multiple choice)

Which element of the CIA triad is primarily compromised when an attacker successfully intercepts and reads encrypted network traffic without authorization?

Question 17 (medium, multiple choice)

A security analyst discovers that a server's configuration allows users to access files outside of their intended directory. In security terminology, what is this weakness called?

Question 18 (hard, multiple choice)

During a penetration test, a security engineer uses publicly available information from LinkedIn and Google to gather details about employees and organizational structure. Which type of reconnaissance is being performed?

Question 19 (medium, multiple choice)

An attacker sends an email posing as the company's IT department, asking employees to click a link and enter their credentials. Which type of social engineering attack is this?

Question 20 (medium, multiple choice)

Which type of malware is characterized by self-replication and spreading to other systems without user interaction, often causing network congestion?

Question 21 (hard, multiple choice)

An attacker intercepts communication between a client and a server, allowing the attacker to read, insert, and modify messages in both directions. Which type of network attack is this?

Question 22 (medium, multiple choice)

Which cryptographic method uses the same key for both encryption and decryption, and is typically faster than asymmetric encryption?

Question 23 (easy, multiple choice)

A security administrator needs to verify that a downloaded file has not been altered during transit. Which cryptographic technique should be used?

Question 24 (medium, multiple choice)

What is the primary purpose of a digital certificate in a Public Key Infrastructure (PKI)?

Question 25 (hard, multiple choice)

A company processes credit card payments and must comply with a framework that mandates specific security controls for protecting cardholder data. Which compliance framework applies?

Question 26 (easy, multiple choice)

Which phase of the NIST Cybersecurity Framework involves actions to limit the impact of a cybersecurity incident?

Question 27 (medium, multiple choice)

A security analyst observes repeated failed login attempts from a single external IP address, causing the authentication server to become unresponsive. Which type of attack is occurring?

Question 28 (medium, multi select)

A security engineer is analyzing a recent data breach. Which TWO are examples of active reconnaissance techniques? (Select two.)

Question 29 (hard, multi select)

An organization wants to ensure data integrity and non-repudiation for sensitive documents. Which THREE cryptographic mechanisms should be implemented? (Select three.)

Question 30 (easy, multi select)

Which TWO of the following are examples of malware that rely on user interaction to spread? (Select two.)

Question 31 (easy, multiple choice)

Which element of the CIA triad ensures that data cannot be modified by unauthorized parties?

Question 32 (easy, multiple choice)

A security analyst discovers that an employee's computer is infected with malware that encrypts files and demands payment. What type of malware is this?

Question 33 (medium, multiple choice)

A network analyst notices a high volume of traffic from a single external IP address to multiple internal hosts on port 443. The traffic includes incomplete TCP handshakes. Which type of reconnaissance is being performed?

Question 34 (medium, multiple choice)

What is the primary difference between symmetric and asymmetric encryption?

Question 35 (medium, multiple choice)

A company's security policy requires that sensitive data be encrypted at rest using AES-256. Which type of encryption does AES-256 represent?

Question 36 (hard, multiple choice)

During a security assessment, an analyst uses the Shodan search engine to find exposed industrial control systems. Which phase of the attack lifecycle does this activity represent?

Question 37 (hard, multiple choice)

An organization needs to ensure that a document has not been altered and to verify the sender's identity. Which combination of cryptographic techniques should be used?

Question 38 (easy, multiple choice)

Which security concept describes the potential for a threat to exploit a vulnerability, and is often expressed as a combination of likelihood and impact?

Question 39 (medium, multiple choice)

An attacker sends an email that appears to come from the company's IT department, asking the recipient to click a link and reset their password due to a security breach. Which type of social engineering is this?

Question 40 (medium, multiple choice)

Which compliance framework is specifically designed to protect the privacy and security of electronic health information in the United States?

Question 41 (medium, multiple choice)

A security engineer discovers that an attacker has inserted fake entries into a DNS resolver's cache, redirecting users to a malicious website. Which attack has occurred?

Question 42 (hard, multiple choice)

In a PKI, what is the role of a Certificate Authority (CA)?

Question 43 (easy, multi select)

A security analyst is reviewing network logs and identifies several failed login attempts followed by a successful login from an unusual geographic location. Which TWO security concepts are most directly related to this scenario? (Choose two.)

Question 44 (medium, multi select)

A company is implementing a new security policy to protect customer payment information. Which TWO compliance frameworks are most relevant to this requirement? (Choose two.)

Question 45 (hard, multi select)

An analyst is investigating a security incident where an attacker gained access to a server by exploiting a known vulnerability. The attacker then moved laterally and exfiltrated data. Which THREE phases of the Cyber Kill Chain are evident in this scenario? (Choose three.)

Question 46 (easy, multiple choice)

Which element of the CIA triad ensures that data cannot be modified by unauthorized parties?

Question 47 (easy, multiple choice)

A security analyst discovers that an attacker is using a vulnerability scanning tool to identify open ports on the company's network. Which type of attack is being performed?

Question 48 (medium, multiple choice)

A user receives an email that appears to be from the company's IT department asking for their password to perform a security check. The email contains a link to a fake login page. Which type of social engineering attack is this?

Question 49 (medium, multiple choice)

Which cryptographic technique uses a public and private key pair to provide non-repudiation?

Question 50 (medium, multiple choice)

An organization is required to protect cardholder data. Which compliance framework applies to this requirement?

Question 51 (easy, multiple choice)

Which term describes a weakness in a system that could be exploited by a threat?

Question 52 (hard, multiple choice)

An attacker intercepts communication between a client and server and modifies the data being transmitted. The client and server are unaware of the modification. Which type of attack is being performed?

Question 53 (medium, multiple choice)

Which type of malware is designed to replicate itself and spread to other systems without user intervention?

Question 54 (medium, multiple choice)

A company's web server is overwhelmed by traffic from multiple compromised systems, causing it to become unresponsive to legitimate users. Which type of attack is this?

Question 55 (hard, multiple choice)

An organization wants to ensure that data sent over the internet cannot be read if intercepted. Which cryptographic method should be used?

Question 56 (hard, multiple choice)

A security analyst is evaluating risks and calculates that a threat has a likelihood of 0.5 and an impact of $200,000. What is the risk value?

Question 57 (easy, multiple choice)

Which NIST Cybersecurity Framework function involves developing and implementing appropriate safeguards to ensure delivery of critical infrastructure services?

Question 58 (medium, multi select)

A security analyst is investigating a network breach. Which TWO activities are examples of passive reconnaissance? (Choose two.)

Question 59 (hard, multi select)

Which THREE components are part of a Public Key Infrastructure (PKI)? (Choose three.)

Question 60 (medium, multi select)

A healthcare organization must comply with HIPAA. Which THREE security measures are typically required under HIPAA? (Choose three.)

Question 61 (easy, multiple choice)

An organization implements encryption for all sensitive data at rest and in transit to prevent unauthorized access. Which element of the CIA triad is being primarily addressed?

Question 62 (easy, multiple choice)

A security analyst discovers that an attacker used a publicly available tool to scan a company's network for open ports and services. What type of attack is this?

Question 63 (easy, multiple choice)

Which of the following best describes the relationship between a vulnerability, threat, and risk in cybersecurity?

Question 64 (medium, multiple choice)

A security engineer is analyzing a recent breach. The attacker gained access by sending an email that appeared to be from the CEO, requesting the recipient to transfer funds. What type of social engineering attack is this?

Question 65 (medium, multiple choice)

An organization wants to ensure that a message has not been altered during transmission. Which cryptographic technique should be used?

Question 66 (medium, multiple choice)

A company's web server is overwhelmed with traffic from many compromised devices, causing legitimate users to be unable to access the site. What type of attack is this?

Question 67 (medium, multiple choice)

A security analyst is reviewing logs and notices that an attacker has intercepted and modified communications between two devices on the same network. Which attack technique is being used?

Question 68 (medium, multiple choice)

An attacker uses a tool to capture keystrokes on a compromised system. What type of malware is most likely in use?

Question 69 (medium, multiple choice)

A security analyst needs to verify the authenticity and integrity of a software update. The update is signed with a digital signature. Which key is used to verify the signature?

Question 70 (hard, multiple choice)

A security analyst is investigating an incident where an attacker successfully altered DNS records to redirect users to a fake website. Which attack occurred?

Question 71 (hard, multiple choice)

An organization must comply with a regulation that requires protecting the privacy of EU citizens' personal data. Which compliance framework applies?

Question 72 (hard, multiple choice)

A security analyst is selecting a symmetric encryption algorithm for encrypting data at rest. Which of the following is a suitable symmetric algorithm?

Question 73 (easy, multi select)

A security analyst is identifying potential vulnerabilities in the network. Which TWO of the following are examples of passive reconnaissance?

Question 74 (medium, multi select)

Which THREE of the following are common types of malware?

Question 75 (medium, multi select)

A security engineer is implementing controls to meet compliance requirements. Which TWO of the following frameworks are specifically designed for protecting personal data?

Question 76 (easy, multiple choice)

Which element of the CIA triad ensures that data cannot be modified by unauthorized parties?

Question 77 (easy, multiple choice)

A security analyst is notified that an employee's laptop was stolen. The laptop contains sensitive customer data. Which type of threat does this incident represent?

Question 78 (medium, multiple choice)

An attacker sends a fraudulent email that appears to come from the company's IT department, requesting that the recipient click a link and enter their login credentials. Which type of social engineering attack is this?

Question 79 (medium, multiple choice)

Which type of malware is designed to encrypt files on a victim's system and demand payment for the decryption key?

Question 80 (medium, multiple choice)

A security analyst is reviewing logs and notices that an attacker has intercepted and modified communications between two devices without their knowledge. Which type of attack is this?

Question 81 (medium, multiple choice)

Which encryption method uses a single key for both encryption and decryption of data?

Question 82 (hard, multiple choice)

An organization wants to ensure that a received email genuinely came from the claimed sender and has not been altered. Which cryptographic mechanism provides both authentication and integrity?

Question 83 (medium, multiple choice)

Which compliance standard specifically applies to organizations that handle credit card information?

Question 84 (hard, multiple choice)

A security analyst needs to verify that a downloaded software update has not been tampered with. The update's publisher provides a file containing a hash value. Which process should the analyst use to verify integrity?

Question 85 (medium, multiple choice)

An attacker uses a tool to scan all IP addresses in a range to identify which hosts are online and what services are running. Which type of reconnaissance is this?

Question 86 (hard, multiple choice)

An organization wants to ensure that a user cannot deny having sent an email. Which security goal does this address?

Question 87 (easy, multiple choice)

Which component of the NIST Cybersecurity Framework involves taking action to stop an ongoing attack?

Question 88 (medium, multi select)

A security analyst is investigating a potential data breach. The analyst identifies that the attacker used a technique to impersonate a legitimate user by spoofing the MAC address and IP address. Which TWO types of network attacks could involve these techniques? (Choose two.)

Question 89 (medium, multi select)

An organization wants to protect sensitive data at rest and in transit. Which THREE cryptographic methods can provide confidentiality? (Choose three.)

Question 90 (hard, multi select)

A company is implementing a security policy to reduce risk. Which THREE activities are examples of risk mitigation? (Choose three.)

Question 91 (easy, multiple choice)

A security analyst discovers that an attacker has captured network traffic and used it to impersonate a legitimate user in a subsequent session. Which element of the CIA triad is most directly compromised in this scenario?

Question 92 (hard, multiple choice)

A security analyst is investigating an incident where an employee received an email that appeared to be from the company's IT department, requesting the employee to verify their account by clicking a link and entering their credentials. The employee complied, and later the attacker used those credentials to access the corporate VPN. Which combination of attack types best describes this incident?

Question 93 (medium, multi select)

A security analyst is reviewing logs from a web server and notices a high volume of HTTP requests from a single IP address targeting the same login page within a short time frame. The analyst suspects a brute force attack. Which TWO actions are most appropriate to mitigate this type of attack? (Choose two.)

Question 94 (medium, multi select)

An organization wants to ensure the integrity of software updates downloaded from its vendor's website. The vendor provides a hash value for each update. Which TWO properties of hashing algorithms make them suitable for integrity verification? (Choose two.)

Question 95 (easy, multi select)

A security analyst is assessing the risks to a company's data. The analyst identifies a vulnerability in the web application that could allow SQL injection. Which TWO terms correctly describe the elements of this risk scenario? (Choose two.)

Question 96 (medium, multi select)

A security analyst is configuring a firewall to block common reconnaissance techniques. Which THREE types of reconnaissance traffic should be blocked to prevent active reconnaissance? (Choose three.)

Question 97 (hard, multi select)

A security team is implementing a Public Key Infrastructure (PKI) to support digital signatures for email. Which THREE components are essential to the PKI framework? (Choose three.)

Question 98 (easy, multi select)

A company needs to comply with regulations that protect personal data of EU citizens. Which TWO compliance frameworks are directly relevant to this requirement? (Choose two.)

Question 99 (hard, multi select)

An analyst is investigating a malware infection on a workstation. The malware appears to be a trojan that downloads additional payloads and allows remote control. The analyst needs to classify the malware based on its behavior. Which THREE characteristics match this description? (Choose three.)
